VYPR
High severityNVD Advisory· Published Jul 15, 2022· Updated Sep 16, 2024

Regular Expression Denial of Service (ReDoS)

CVE-2022-25858

Description

The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tersernpm
< 4.8.14.8.1
tersernpm
>= 5.0.0, < 5.14.25.14.2

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.